package org.xmldap.xmldsig;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.InputStream;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPrivateKey;
import java.security.spec.InvalidKeySpecException;
import java.util.ArrayList;
import java.util.List;

import javax.xml.crypto.dsig.CanonicalizationMethod;
import javax.xml.crypto.dsig.DigestMethod;
import javax.xml.crypto.dsig.SignatureMethod;

import junit.framework.TestCase;

import org.xmldap.exceptions.SerializationException;
import org.xmldap.exceptions.SigningException;
import org.xmldap.infocard.InfoCard;
import org.xmldap.infocard.TokenServiceReference;
import org.xmldap.infocard.UserCredential;
import org.xmldap.infocard.policy.SupportedClaim;
import org.xmldap.infocard.policy.SupportedClaimTypeList;
import org.xmldap.infocard.policy.SupportedToken;
import org.xmldap.infocard.policy.SupportedTokenList;
import org.xmldap.ws.WSConstants;

public class Jsr105SignaturTest extends TestCase {
  InfoCard validCard = null;
  
	protected void setUp() throws Exception {
		super.setUp();
		
    X509Certificate validCert = org.xmldap.util.XmldapCertsAndKeys.getXmldapCert1();
    RSAPrivateKey privateKey1 = org.xmldap.util.XmldapCertsAndKeys.getXmldapPrivateKey1();
    X509Certificate[] validCertChain = {validCert};
    
    validCard = new InfoCard(validCertChain, privateKey1);

    validCard.setCardId("validCard", 1);
    validCard.setIssuer("issuer with valid cert");
    validCard.setTimeIssued("2006-09-28T12:58:26Z");
    {
          ArrayList<SupportedClaim> cl = new ArrayList<SupportedClaim>();
      String displayName = "displayName";
      String uri = "uri";
      String description = "description";
      SupportedClaim claim = new SupportedClaim(displayName, uri, description);
      cl.add(claim);
      SupportedClaimTypeList claimList = new SupportedClaimTypeList(cl);
      validCard.setClaimList(claimList);
    }
    {
      SupportedToken token = new SupportedToken(WSConstants.SAML11_NAMESPACE); // default is SAML11
      List<SupportedToken> list = new ArrayList<SupportedToken>();
      list.add(token);
      SupportedTokenList tokenList = new SupportedTokenList(list);
      validCard.setTokenList(tokenList);
    }
    {
      ArrayList<TokenServiceReference> tokenServiceReferenceList = new ArrayList<TokenServiceReference>();
      String address = "http://sts.example.com/";
      String mexAddress = "https://mex.example.com/";
      X509Certificate cert = null;
      UserCredential userCredential = new UserCredential(UserCredential.USERNAME, "username");
      TokenServiceReference tsr = new TokenServiceReference(address, mexAddress, cert, userCredential);
      tokenServiceReferenceList.add(tsr);
      validCard.setTokenServiceReference(tokenServiceReferenceList);
   
    }
	}

//	public void testGenevaInformationCardSignature() throws SigningException, FileNotFoundException {
////		String aGenevaCard = "<ds:Signature xmlns:ds=\"http://www.w3.org/2000/09/xmldsig#\"><ds:SignedInfo><ds:CanonicalizationMethod Algorithm=\"http://www.w3.org/2001/10/xml-exc-c14n#\"/><ds:SignatureMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#rsa-sha1\"/><ds:Reference URI=\"#_Object_InformationCard\"><ds:Transforms><ds:Transform Algorithm=\"http://www.w3.org/2001/10/xml-exc-c14n#\"/></ds:Transforms><ds:DigestMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#sha1\"/><ds:DigestValue>rv6rFs/WJL75DrQWENyKWRZ++/Y=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>sM5HxifELetjACX9NT7njH17FvvR2C3qeyEfU3IWOL1PvPQ3QqjTiiUe2RHdBLrbSur72TTyXggny2ndDq5Z9zcm+iE6FQSLDSfM5U3bN3fFingJwocHkrhHhizVThdRvHLIURGW9gg1lLX44RaA6LeItqOngXnMjoi9il8Ctww=</ds:SignatureValue><KeyInfo xmlns=\"http://www.w3.org/2000/09/xmldsig#\"><X509Data><X509Certificate>MIIF1zCCBL+gAwIBAgIKWLzYhwAAAAAAbDANBgkqhkiG9w0BAQUFADBjMRIwEAYKCZImiZPyLGQBGRYCZGUxFzAVBgoJkiaJk/IsZAEZFgd0ZWxla29tMRwwGgYKCZImiZPyLGQBGRYMbGFib3JhdG9yaWVzMRYwFAYDVQQDEw1ULUxhYnMtUm9vdENBMB4XDTA5MDQwODEyNTgxOFoXDTEwMDQwODEyNTgxOFowMjEwMC4GA1UEAxMnUTRkZWE3c2EwMDBaMjExLmxhYm9yYXRvcmllcy50ZWxla29tLmRlMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC/W70Uwpx3iuOiCw4FUDTjKpO+oiojnyQarnOd/1AZP49ylyJhhNdwCd3yaNU2nFGIQfj6h88jdQWGCathAphtFT+PjuBXE+R6JayLJAEjyRxlo6AbWX9SXmjUfYGk+4nC8lOx2/9g21HEehAe+keJ9vUqCwB7v8SA1D71iz1lKQIDAQABo4IDQDCCAzwwHQYJKwYBBAGCNxQCBBAeDgBNAGEAYwBoAGkAbgBlMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATALBgNVHQ8EBAMCBaAwHQYDVR0OBBYEFMEUS9S/jUdm8QE2ZQmqfd5kIY4vMB8GA1UdIwQYMBaAFBmapkdCKjFq9j4pGFk3Be2KJUljMIIBLAYDVR0fBIIBIzCCAR8wggEboIIBF6CCAROGgcdsZGFwOi8vL0NOPVQtTGFicy1Sb290Q0EsQ049bGFiLWZpbGVpbnQsQ049Q0RQLENOPVB1YmxpYyUyMEtleSUyMFNlcnZpY2VzLENOPVNlcnZpY2VzLENOPUNvbmZpZ3VyYXRpb24sREM9bGFib3JhdG9yaWVzLERDPXRlbGVrb20sREM9ZGU/Y2VydGlmaWNhdGVSZXZvY2F0aW9uTGlzdD9iYXNlP29iamVjdENsYXNzPWNSTERpc3RyaWJ1dGlvblBvaW50hkdodHRwOi8vbGFiLWZpbGVpbnQubGFib3JhdG9yaWVzLnRlbGVrb20uZGUvQ2VydEVucm9sbC9ULUxhYnMtUm9vdENBLmNybDCCAUkGCCsGAQUFBwEBBIIBOzCCATcwgbsGCCsGAQUFBzAChoGubGRhcDovLy9DTj1ULUxhYnMtUm9vdENBLENOPUFJQSxDTj1QdWJsaWMlMjBLZXklMjBTZXJ2aWNlcyxDTj1TZXJ2aWNlcyxDTj1Db25maWd1cmF0aW9uLERDPWxhYm9yYXRvcmllcyxEQz10ZWxla29tLERDPWRlP2NBQ2VydGlmaWNhdGU/YmFzZT9vYmplY3RDbGFzcz1jZXJ0aWZpY2F0aW9uQXV0aG9yaXR5MHcGCCsGAQUFBzAChmtodHRwOi8vbGFiLWZpbGVpbnQubGFib3JhdG9yaWVzLnRlbGVrb20uZGUvQ2VydEVucm9sbC9sYWItZmlsZWludC5sYWJvcmF0b3JpZXMudGVsZWtvbS5kZV9ULUxhYnMtUm9vdENBLmNydDAyBgNVHREEKzApgidRNGRlYTdzYTAwMFoyMTEubGFib3JhdG9yaWVzLnRlbGVrb20uZGUwDQYJKoZIhvcNAQEFBQADggEBADL/2BNa/hHYD+Umt9cQFUHy2PmM92S6MjAr6h14kiYwqft5JJ0WtKqwpq6llh7TDl5BiZoa7IsKUGKHSvTLb2VrPkR3P9/0YSLatn8wHa0OArrxTXhU7ACPmavnRqUqZw1oDY5NsTDvlRVNEkbK7OASzRNTxEfekmd8hIbACJr8/uZl73rrNgyqIA74k4T1GmZGCEWIqAG/5OvSQdMo4Z0uR1k8+g407p8JQ6sE3kRpuzl7p9wG5hODJBHFFfI4DB7/uMvR6iw9SHwAebawtqecx2sVZfwGBA5QVCqvaAX6mVtmDbUY5JOw/zfCDkI2a5S1YHVNZSNCn0WZTl8thls=</X509Certificate></X509Data></KeyInfo><ds:Object Id=\"_Object_InformationCard\"><i:InformationCard xml:lang=\"en\" xmlns:i=\"http://schemas.xmlsoap.org/ws/2005/05/identity\"><i:InformationCardReference><i:CardId>https://q4dea7sa000z211.laboratories.telekom.de/a4d5f5de-f9a6-489d-8d60-f198efb69ce9</i:CardId><i:CardVersion>1</i:CardVersion></i:InformationCardReference><i:CardName>T-Labs Card UP</i:CardName><i:CardImage MimeType=\"image/gif\">R0lGODlhlgCWAPcAAAAAADMzM0hISFBQUFhYWGBgYGhoaHBwcHh4eICAgIiIiJCQkJiYmKioqLi4uMjIyNDQ0NjY2ODg4Ojo6PDw8P///3hwcIB4eHBoaGhgYGBYWFhQUFBISFhISDMAAICAeGhoYNDQyDMzADNmADOZADPMADP/ANjg2DNmMzOZMzPMMwAzAABmAACZAADMAAD/ADP/MwD/MwDMMzPMZgCZMwD/ZsDQyDOZZgBmMwDMZgD/mTPMmQCZZgDMmQD/zHiAgIiQkJCYmGBoaJigoFhgYKCoqKiwsLC4uHiIiHCAgICQkMDIyGh4eIiYmJCgoMjQ0FhoaJioqKCwsNDY2Ki4uNjg4DNmZjOZmTPMzAAzMwBmZgCZmQDMzAD//wDM/3CIkGiAiGB4gFhweFBocEhgaACZzDPM/3CAiHiIkGh4gICQmGBweIiYoFhocJCgqFBgaEhYYGiImDOZzABmmWiAkHCImGB4iFhwgFBoeEhgcACZ/3iAiHB4gICIkGhweIiQmGBocJCYoFhgaJigqFBYYKCosKiwuLC4wHCAkLjAyGh4iHiImGBwgMDI0FhoeFBgcMjQ2EhYaEBQYGB4kNDY4FhwiNjg6DNmmQAzZgBmzDOZ/2h4kGBwiFhogABm/3B4iHiAkGhwgICImGBoeIiQoFhgcJCYqFBYaKCouLjA0DNmzAAzmQAzzDNm/wAz/3h4gGhocJCQmGBgaFhYYFBQWLCwuMDAyMjI0NDQ2LCwwNjY4ODg6DMzZjMzmTMzzAAAMwAAZgAAmQAAzAAA/zMz//Dw/zMA/zMAzDMAmTMAZpCIkFhQWMjAyNjQ2ODY4DMAM9C4yOC40NigwNhoqNiQuNhYoOCIuNBIkNhgoOB4sNhQmNgwiOhgqOhQoOhAmMi4wNjI0MCgsODQ2MiouNCwwOCwyNiIsOCgwNh4qNhooNhYmOBgoNgogOBAkOAwiOAggOAYgOAQeOAAcP/Q6P/g8OA4iOAogPCYwPCIuNiguOCowP+42P/I4NiwwNjAyMiosCwAAAAAlgCWAAAI/wArCBxIsKDBgwgTKlzIsKHDhxAjSpxIsaLFixgzatzIsaPHjyBDihxJsqTJkyhTqlzJsqXLlzBjypxJs6bNmzhz6tzJs6fPn0CDCh1KtKjRo0iTKl3KtKnTp1CjSp1KtarVhACyat3KtavXr2DDih1LtqzZs2aLqV3Ltq3bt3Djyp1Lt67du3jpZs3Lt6/fv4ADw90ruLDhw4jzEk7MuLFjwYsfS058r7Lly5gtN448ubNgb/JCy4v3Ll7od6VFy/O2GQDeXcWcxfZMey1oee/uqcUXmnUxfKZXt8YLDcI4cNBk1/YM+h2/tbyFq71n2ndiznObFfvnTPty5vJ0Q//vzZab9Ouu845T/r2zt3dto1tXG2/+YexrYReztNaSrnDN6NKee9zER1559hmG31zhiDNgZ/g8x5Z8bfGDz3CvhQPOg+1R6NmCcn3D3hQCxlVFFWtVQUkV/HEYFwQwQjDeeTHK+GKMctW4FohxSZDiEktMQYkuU5B4oopLNLLiFEscksgTkKiIootsMWAlAz7+dmAxV2IZV5dZvgWmWjwWs4suU+5SxRQSqHmLIYUUYsicc1JhpyFSGEHFIVRIUYgUhuxJRSJT3NWiY2NqeV6iYl4ZpluJcmZJI7nkckgutdRyxCGHHAFnLXMWEYgaSqjxx6montrEH0206iobgbD/GoghidiSZCON3HILlJDggssUtyj5WKIecunol8fCFWl6Z1KSyB+f8CHtJ2q4+ocafWSb7R5ndHvGH9migQYSSKCxx7h7pFuuGubu0UcTgTgRyCCB1GuvvdcOcotjDvTrQJbF+vtvXAI/2lbBZKaXCJx/hNJGKY+U0kYfUQAqRRTyksqut9/2Ie645Z7xsbh9KMHGx39Esachh2DsRpyDyAtuGmcMkgounhU7GWGJFDKIKGu0IfQjbaCBKrugnJHG0mn4wUgaa/ShdChr+LH0GkuHwfQZavCx9CdosOHG2EpzHcjJaSByxhqhiDLIIYc+prNkhB1SiBtoBD1KG0Sb/0v1Go60EbgjhAseOBpp7B2x0Iwz7kjUQQv9+Bps890G1t0K/rAjZ7BhSNyOzf1Y3Xf3Ebnl5TKt+upLq6F0GJSvATvslGudxh9Qx65744ycsUfgD7dxBimGlCiZ6I7VTS8aewdN9LlngKHI0mcoooj0aSjSbR+ISB9GGIogkn0a32d/Rh/TM6I+I2GwH/vTIqfBCOWhgPIHKsY/1k1v4u2cniFO+MMZhOYwiZ2LDptQhPoUYQfr2YERiqADHRaBCAaqjw51sMMD73AHRjQQDQq8gxjU98AHqg98iAChAlEoikLkDzH8qEw3ghOPblRGQsn736g+QbigjaFoi9jEBv/vYEL1dbCBakCEHThIxDiEgYkcRKIi7kA4R3CwE1S0IhER8QVO3AGLEATFICjhGG7EIziqOWOBRqfDP+whaM4rGhoYIYYq2lFyj3Md4CQHOOAJTgy3C0PgxjAGO9qRESkUIeHCOEYqYcgQgWhC3i5nOTQooVvTG5/1mAaGb6FBaayDmtVo1gSl6S52o0jlKEJxrr0JbRRpECMZHYketUBSgK+03AHBwIhTrEERYdBgG94AQTB8Epjz8yD7GBExCCoChPKj3Prk9zTz7WF1ImskLRFDGEh2TWiU65sa6kAHRsDhDnSwQzrxEAl10oEUi0hnFCdBREbk4RGckOAfEDH/iSVykBFE/GcDU+jPO4BvD26Y5TYVpEPXOaIUaxiFxDwGTDG8wREABegY3jDCMJACEXSsIhWp+IhHjFARbOBlFsUwUsJx8JmL4KAVIXiGhC70Pm3cg0T3NlHXTU92qoNd9hQhSfLB7mnsox312KC0+Z3yfWlAQx/m18M07MEUOFsOBegxj3nsYx/nCGs2xpqNa1xjH3/pZqz2AIjLrUFiaBBF9NLQBkZIz3oRpRnX0IA99gHzaljTnuvIl8z2rY99VkWcUxnxiatmNS9b5WpXvwrWsJ6DrGU1q1nZwdnOevaz7DgHBfqiVjV84mHhLFoSywkHMTDQesNkhATZlU46/3qwno8gph3A4Do7tO+Ihw2m9kBo2DREVrKUtSxmM7vZa4D2uZo163KzYdmwkuO65GAGMx7wAOeKli+lPS3RhjkxNUjwDpFwhB04oUFHkIGIYGDDIhg40oJGIr3qZIMSoehF/sJ0iY6Yh3OdC9oBR/ca060udqPxAHCAo0Y1esATYPQEG1T4CRjOMHclnA12KMNgdVGrGx0x3je0QQmikB+JDecIMVhuhCdjxCA1F7g3vGEMgAzEGer4w8IZkhFoUIMI6YHgc0TjyNEAhzjEEQEmR0ACUIbyCaZM5SkXqUgQznKEN8zlLnP3CR3OxhPAm9NRmNhyfRAgKEOZhk6yQf9qV1udNGkWiGtSbhSUA0REDRcKS+5tH+wQxwSiTGgoR+DQiE70obXMaC17+dFfdq4yCqWYhg7wEYqTY18h+D1BEvN6UmOgIy76wPaV1JlSax84DVtY7SFhaYAGR6EloOhaK7rRuI4RpB/9BEk7qNK2DIQS+PCwtpq4D2r4Qjo1uGw7OCISsqWDfNcZCTEsUYN5eO8kEMGGL2gwtwGF4gdF4dtYz9rW6F50rnG96y732sOUxktpBygx8qpBDQqU8QjFwO/cYjQMJwuDGB4RCRzjgXBkIIMVFaFjGSe8xYY0aJABCuhozJrW6a71unPdbi5LGsR6KXMpJGpiU73uhCf/nHMaAtGH3Ekzdj0MwxmcsIf5Sa6OhuyzGtYghnmww+LnzrjGN87ojm9Y0icgc7AFCIiRl+LYPjUq+VZ3vT8QN5nUdKrWvtXUp0JVqvPzOdAJXQ5pmF0a4BB6P/pB9KIb/eNKLwYkh2058iIbDBtUZjDXh0QQAtSKBeW3BxXhOoDym4MsFWEHFQEKNLRP7IUWRz2s4Q50tMMch8YGOmxtjm203dFvZ0cDkg5subOc2G8ABCBKroZNVGKkAO0gEzmBUnJn0YqO6IQjDr74QCDiDngIvvCH3wk7TPwOkCe0PqwhgXqgHRuHdoc0bC0Nd6z98xAO/Yfj7s0BvmENq2/D/6nS4GOcF64NI2S5jINXd0IKLg00d8QYSvqI+ROy/ngA8h8AJ/ZBR3nJzTd9/hB90xcB4KAN1VAN4CAN8EAN2kAN4KAO6sB2MCJ0tgYBXuZcDQBycyFibGViTyd+pZQ1bEZng5UGoeBUKRg7NOMELed1upMG7xI0yRdl5VAPNygN2AB9ESB9h1YO1id91RcB+bAN+WAP+UCBDtAATMiEytAAyhCFUjiFT4iBHudhHCgXaqUEp3U5ggB11VNc1dRqfbAHyCQGpwRO2ZNqTrUGySRNT3Mu5EMP7EAO/gdlN3iD+rCDBGiA5kAN6QAPZucOESAN2wAO5vCAEDAFyiAAAv9QAI9YAJI4iZQIiQKgDBHQZRqYhXGhVi1XCqWweqcgfh+1XlHkQUNEe2wgCiFkRXUkQvelXmAQCHOURVh0cLsHeEH2RHR4DndIaPWgDxjXg9NnDtPgDuBgD9RADfaAiNqwdkUIARHQiA5ghds1YTDCZRDQAJf4BJooepw4GA2Fem9wCib2B2wwRVVURyxlR2EwKoI0f3gwf/V3X4/gCPCHBvJXUvfXj/lnNIyAB734i1BmDe2wDtFwaObQDtgwDe2gg+igDekgDemQgODQDxJIDYvYiMwQARW4jVFYjTXCjZi4Yd7IWRvIfbHifeX4BqOAjmfQhqeEZ08TK7lTRY3/IzhY44Knk5OSwwh9wAYyNpAXR2gWeGsxMo0CwAwVyAyW6IjKwJQwQpKZ+GXdBY4q6TrD9IUueSqgVD7lMz/gAwZ/cEnt83K6Az9N8IJP9UpYYzRQQwGhRZBBd5TqBiOMuJQV+JSOeIkxQpUm+QAoGY5v0U1B0AeoJzQuaSpKZFi+dVjqRJbooz4jVESCBz5W90TsmEU21gZ3EEtKwEBE5otFaZR26ZFJyZHSyAx92Zp6uY2XWJUSxgybqJItxzfG9pJsQAdXJHsyhVGTQAexoo54EFBVxHuK4ARqEJDD9wh5IAmSkAf/mI6VIJekWZqGdpqouZGvyZqu+YhSCZjc/wUBzICSE6CSl8R+34eOimBIOPlH74g7g1RIbfBD9oePg6AGJEZ/JfUGcAAHNwZkgZAGYmCddCkBE5CgB1qaiQYBEsCRqMmXjlgAfxmbJlmeoneepWcIbKAGbNUGfmBma/AHdbY08xMKKPo3WMMHTlBKMKg7NfMHIQpOPXk5aaAEA9oGFHAN10loDxCFUNiEQjqkTCgw/cKdHflkDsCXBcAMtAabJTmeGNoAGipv/9MEdHdmpwAISiBAhPU0oZA1T9NJStAHn3CWsrM+c3YGSoA4aPqGc+YuwGSghTYB3PideJqnj+igjWgDDiCFfCmFDRAB4ilh5GCecVcLLJcGX//4dKegm/vFQV7EXgClTogQKyrVYuujSET0BaMiT8e5e8HXCfqHd3cwl7PGDFSoDAXAqqxaibAqidzpAHramk9ooV82pVV6F56Ieo76kjrmnnYkBuDjBOm4j4VUOPYnBjH6RHjAj/VHf/8YCGAAfAh2oBSgoNoaZb/YoBgIIw8qAHdaq49YqE9wqOzgALtqF93EBun5Bl/4qPByBqPgCPXaR3a0k4HAB37kk5dTM02wfoxTb4sTNU5AfmNwrbO2jUUqMNq1XQ+QZbWWl+Naq60am1YIAeiqrtyHpd73ML7EKjG5WE/1NKuyNi/qhp8QBEoANYOjN/Vqr1HVBHwAOAr/S2gTQKvkOqGRWInKwKfiurPlirEYeK7scA1U2rGIGYJtELL7VESslkwQVJYxyXNGRJkdpQjgInCE044QZ0VhsAehSUc3S2hLKomPKLSuSaEn0Ihqi7aDmo0ae7Qcu6FrmQYhKAi+BC+/l0Vf9JsLdza/J39WhIvCdwfJ+QcBWVLB9wiN67hAlo7PWrZBp2va5S9CuqqYGK5q25cNgI0Ru7HrGmJXipjDJIprMK+EU3/yxzglVVf10p70R4/8iZ9ssAa59Qb9ubuPEDUDWlKUG2WHdnHaWrwJapR52bmOGLffeqjX4ACjtaFUe7rluAZBUGd5pme6o73wp2PgJzSq/9dW4LsGSUAvTJCTUCA0grC+BpsEwxS8E+CUPSuJrjqFTdgvEFuBnKu8DQBhzlu3VmpLa5mYpeC015R1KOeGS5MtXeeGp+RXZRpNaRmD7nIGsAO/Oqu8fQmJmJi8/LudRvu80RvAcne3X7g3Iet76uNSUORSWitAMuZSByd8C7cqgvSsMzx8+Wc/Z3AHYzBWFwcBUQiryvtkbvvBNfK/I8yrpYu3Jqa3qet7hENIorp7JYVRsYusyEp/jpCcQjl/ZBCtJZUH9yQGaKBjk5sNB7qtw5iNzIC5TjiFEdC2lSi0zAsj50C3S8yupfux5egH8fI7/uo43TtAg1xvaUAvQf9jY7rbyIzsu3swTGW1oNhZydl5lxv2xkvYhFMokjGixB37rg+znnUmkyWbBq2CspOjSqpEvjZZoznpB0jgRkEzycaroJWsnRZ4AogGYU+QxyKcqAP8dIJQwH7AKqCATGn6PcnUQF65wiOkb+w4tWogP+x4zV3LSmVINQKGYGNlWUimZExmyRJQZbyMlNiHx3oszIjTkn98vaDAQcE3UreHuPXSwzhsxf3YxfIiSNIKrSW1BnsABDolC7LQzc/1WQeGWZZFDkfmYE42x+ZsZVeWa798tMywx6RrS+BCbKfAlYA8CPq4n/JXSIRUSPA3CJemu/VJf7qLn0OwBvNnY7n/5dKCAAg/AASvIAQFkAGyEL/9krlRmA3KcGAEltCdtdBk1dDXxWARWyNXNgXADL3cBy4DZI42FtJoIDSgyH6NkwZDMAiRDIr15pN8UASDcL5Px8htAAXwKgiwkAAL8AOzoAGSKAvZmq2/eAJTAAE28NdGKtRReA1FHV1IXWCahVmSltFVbbof/QaEcMy0mD5IpTWGpT1KAARdt0xq+jSfoAQta8rqQzl+4AcIkACvYACzIAQGAAuwgAAMYAu2EBcUUNu1zcaGNgUV5qcCI9hEfWAJXYWk9T9u5AeCQAjlCAd+AC9o8EAszESLpLWlREW851K5eAdgsCoIi3/FSUWC/+MHr/ABCCAEs0AEBi0LB8AAT/BYf2Hbt328wygONsAMgB3UmxzHT8gMo7vRcudGeIvVkT0vczTFubh7hGTPbnAG++m4jLusihAzaTAGCXdPjruPpWDaF3AABUAABDCJgHwLNtIZ7v3ed9jLEaDRfMzRaOCrpRDgIh04r8ufr5vIYs03NH3jLM0HgzAIEc7INP0I6ysIBmABCGAABDAAtMDhBXAAQXAL7H1TftFNHU1ebUAITBAETpA39doGMbvll8MH9fJG/ZqTawDm++pK6CsLPY0BGJABRz4AA9DhBxALtxBvUB7lxO3Y62vlzC3BUeuGMueV7SN4/MZvmvoJp/9Ss13rYo4QvkKQAZDu5hvAAXG+5AtQ53cOGFK+B35Qjl9ICCuHN9RdnAU+zwynY8DHuKp+xadOfs5ZUva4vpKYAW3O4QMgAMtg6VGS6WlF3Cte5eVo5fOyCPt4j2Mww1dM42ggBrRb048Qxl2842lAcGSQB5Hwn4JABJMIAhhgARqwDLc+ABqAAbHwQrxOwoYw5YSw7qA+L30wyj/en29QColcBFvt4/huYmddBOTIyNmuAXZdACBgAd6+AZPeARuQAQrwACFw7sONFhAf8RI/8RRf8WBxFRif8Rq/8Rzf8R7/8SAf8iI/8iRf8iZ/8iif8iq/8izf8i7/8jAf8zIsP/M0X/M2f/M4n/M6v/M83/M+//NAH/RCP/REX/RGf/RIn/RKv/RM3/QeERAAOw==</i:CardImage><i:Issuer>https://q4dea7sa000z211.laboratories.telekom.de/</i:Issuer><i:TimeIssued>2009-04-09T13:15:41.256Z</i:TimeIssued><i:TokenServiceList><i:TokenService><EndpointReference xmlns=\"http://www.w3.org/2005/08/addressing\"><Address>https://q4dea7sa000z211.laboratories.telekom.de/Trust13/UsernameMixed</Address><Metadata><Metadata xmlns=\"http://schemas.xmlsoap.org/ws/2004/09/mex\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" xmlns:wsx=\"http://schemas.xmlsoap.org/ws/2004/09/mex\"><wsx:MetadataSection Dialect=\"http://schemas.xmlsoap.org/ws/2004/09/mex\" xmlns=\"\"><wsx:MetadataReference><Address xmlns=\"http://www.w3.org/2005/08/addressing\">https://q4dea7sa000z211.laboratories.telekom.de/Trust/Mex</Address></wsx:MetadataReference></wsx:MetadataSection></Metadata></Metadata></EndpointReference><i:UserCredential><i:UsernamePasswordCredential><i:Username>LABORATORIES\nennker.axel</i:Username></i:UsernamePasswordCredential></i:UserCredential></i:TokenService><i:TokenService><EndpointReference xmlns=\"http://www.w3.org/2005/08/addressing\"><Address>https://q4dea7sa000z211.laboratories.telekom.de/Trust2005/UsernameMixed</Address><Metadata><Metadata xmlns=\"http://schemas.xmlsoap.org/ws/2004/09/mex\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" xmlns:wsx=\"http://schemas.xmlsoap.org/ws/2004/09/mex\"><wsx:MetadataSection Dialect=\"http://schemas.xmlsoap.org/ws/2004/09/mex\" xmlns=\"\"><wsx:MetadataReference><Address xmlns=\"http://www.w3.org/2005/08/addressing\">https://q4dea7sa000z211.laboratories.telekom.de/Trust/Mex</Address></wsx:MetadataReference></wsx:MetadataSection></Metadata></Metadata></EndpointReference><i:UserCredential><i:UsernamePasswordCredential><i:Username>LABORATORIES\nennker.axel</i:Username></i:UsernamePasswordCredential></i:UserCredential></i:TokenService></i:TokenServiceList><i:SupportedTokenTypeList><t:TokenType xmlns:t=\"http://schemas.xmlsoap.org/ws/2005/02/trust\">urn:oasis:names:tc:SAML:1.0:assertion</t:TokenType><t:TokenType xmlns:t=\"http://schemas.xmlsoap.org/ws/2005/02/trust\">http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1</t:TokenType><t:TokenType xmlns:t=\"http://schemas.xmlsoap.org/ws/2005/02/trust\">http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0</t:TokenType></i:SupportedTokenTypeList><i:SupportedClaimTypeList><i:SupportedClaimType Uri=\"http://schemas.xmlsoap.org/claims/CommonName\"><i:DisplayTag>Common Name</i:DisplayTag><i:Description>The common name of the subject.</i:Description></i:SupportedClaimType><i:SupportedClaimType Uri=\"http://schemas.xmlsoap.org/claims/Group\"><i:DisplayTag>Group</i:DisplayTag><i:Description>A group that the subject is a member of.</i:Description></i:SupportedClaimType><i:SupportedClaimType Uri=\"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname\"><i:DisplayTag>Given Name</i:DisplayTag><i:Description>The given name of the subject.</i:Description></i:SupportedClaimType><i:SupportedClaimType Uri=\"http://schemas.xmlsoap.org/claims/UPN\"><i:DisplayTag>AD FS UPN</i:DisplayTag><i:Description>The UPN of the subject.</i:Description></i:SupportedClaimType><i:SupportedClaimType Uri=\"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname\"><i:DisplayTag>Surname</i:DisplayTag><i:Description>The surname of the subject.</i:Description></i:SupportedClaimType><i:SupportedClaimType Uri=\"http://schemas.xmlsoap.org/claims/EmailAddress\"><i:DisplayTag>AD FS E-Mail Address</i:DisplayTag><i:Description>The e-mail address of the subject.</i:Description></i:SupportedClaimType><i:SupportedClaimType Uri=\"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress\"><i:DisplayTag>E-Mail Address</i:DisplayTag><i:Description>The e-mail address of the subject.</i:Description></i:SupportedClaimType><i:SupportedClaimType Uri=\"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn\"><i:DisplayTag>UPN</i:DisplayTag><i:Description>The UPN of the subject.</i:Description></i:SupportedClaimType><i:SupportedClaimType Uri=\"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name\"><i:DisplayTag>Name</i:DisplayTag><i:Description>The name of the subject.</i:Description></i:SupportedClaimType></i:SupportedClaimTypeList><i:RequireAppliesTo Optional=\"false\"/></i:InformationCard></ds:Object></ds:Signature>";
////		ByteArrayInputStream inputStream = new ByteArrayInputStream(aGenevaCard.getBytes());
//
//		InputStream inputStream = getClass().getResourceAsStream("mycardUP.crd");
//		boolean valid = Jsr105Signatur.validateSignature(inputStream);
//		assertTrue(valid);
//	}
	
	public void testSignedInfo() throws SigningException,
			InvalidKeySpecException, NoSuchAlgorithmException, CertificateException {
		String inputStr = "<root>text</root>";
		ByteArrayInputStream streamToSign = new ByteArrayInputStream(inputStr.getBytes());
		ByteArrayOutputStream signedStream = new ByteArrayOutputStream();
		X509Certificate cert = org.xmldap.util.XmldapCertsAndKeys.getXmldapCert1();
		RSAPrivateKey privateKey = org.xmldap.util.XmldapCertsAndKeys.getXmldapPrivateKey1();
		String canonicalizationMethod = CanonicalizationMethod.EXCLUSIVE;
		String digestMethod = DigestMethod.SHA1;
		String signatureMethod = SignatureMethod.RSA_SHA1;
		Jsr105Signatur.genSignature(streamToSign, signedStream, cert, privateKey,
				canonicalizationMethod, digestMethod, signatureMethod);
		byte[] signedBytes = signedStream.toByteArray();
		ByteArrayInputStream inputStream = new ByteArrayInputStream(signedBytes);
		boolean valid = Jsr105Signatur.validateSignature(inputStream);
		assertTrue(valid);
	}
	
	public void testValidate() throws SigningException {
	  String expectedSignature = "<dsig:Signature xmlns:dsig=\"http://www.w3.org/2000/09/xmldsig#\"><dsig:SignedInfo><dsig:CanonicalizationMethod Algorithm=\"http://www.w3.org/2001/10/xml-exc-c14n#\" /><dsig:SignatureMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#rsa-sha1\" /><dsig:Reference URI=\"#_Object_InfoCard\"><dsig:Transforms><dsig:Transform Algorithm=\"http://www.w3.org/2001/10/xml-exc-c14n#\" /></dsig:Transforms><dsig:DigestMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#sha1\" /><dsig:DigestValue>94kbRiYjQSLPnDk2Wt90hMHnXaI=</dsig:DigestValue></dsig:Reference></dsig:SignedInfo><dsig:SignatureValue>EVT5Add3Sq9dtE7v9GImcDV2ESNI6syQPVV18W6CRKl4b99z3sgFo7YYr77u50imYgULwCGln0o5F7m6I6YrqWr3RY6uuRfUjC9ViZ6YnbOnkAFK4pHgWoc5nWGEVZHuNrPJzF3jU5P2LXGCja9/TMWsQaGPThI8nkY4Cl+22HA=</dsig:SignatureValue><dsig:KeyInfo><dsig:X509Data><dsig:X509Certificate>MIIDkDCCAvmgAwIBAgIJAO+Fcd4yj0h/MA0GCSqGSIb3DQEBBQUAMIGNMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEPMA0GA1UEChMGeG1sZGFwMScwJQYDVQQLFB5DaHVjayBNb3J0aW1vcmUgJiBBeGVsIE5lbm5rZXIxFzAVBgNVBAMTDnd3dy54bWxkYXAub3JnMB4XDTA3MDgxODIxMTIzMVoXDTE3MDgxNTIxMTIzMVowgY0xCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1TYW4gRnJhbmNpc2NvMQ8wDQYDVQQKEwZ4bWxkYXAxJzAlBgNVBAsUHkNodWNrIE1vcnRpbW9yZSAmIEF4ZWwgTmVubmtlcjEXMBUGA1UEAxMOd3d3LnhtbGRhcC5vcmcwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAOKUn6/QqTZj/BWoQVxNFI0Z2AXI1azws+RyuJek60NiawQrFAKk0Ph+/YnUiQAnzbsT+juZV08UpaPa2IE3g0+RFZtODlqoGGGakSOd9NNnDuNhsdtXJWgQq8paM9Sc4nUue31iq7LvmjSGSL5w84NglT48AcqVGr+/5vy8CfT/AgMBAAGjgfUwgfIwHQYDVR0OBBYEFGcwQKLQtW8/Dql5t70BfXX66dmaMIHCBgNVHSMEgbowgbeAFGcwQKLQtW8/Dql5t70BfXX66dmaoYGTpIGQMIGNMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEPMA0GA1UEChMGeG1sZGFwMScwJQYDVQQLFB5DaHVjayBNb3J0aW1vcmUgJiBBeGVsIE5lbm5rZXIxFzAVBgNVBAMTDnd3dy54bWxkYXAub3JnggkA74Vx3jKPSH8wDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOBgQAYQisGgrg1xw0TTgIZcz3JXr+ZtwjeKqEewoxCxBz1uki7hJYHIznEZq4fzSMtcBMgbKmOTzFNV0Yr/tnJ9rrljRf8EXci62ffzj+Kkny7JtM6Ltxq0BJuF3jrXogdbsc5J3W9uJ7C2+uJTHG1mApbOdJGvLAGLCaNw5NpP7+ZXQ==</dsig:X509Certificate></dsig:X509Data></dsig:KeyInfo><dsig:Object Id=\"_Object_InfoCard\"><ic:InformationCard xmlns:ds=\"http://www.w3.org/2000/09/xmldsig#\" xmlns:ic=\"http://schemas.xmlsoap.org/ws/2005/05/identity\" xmlns:mex=\"http://schemas.xmlsoap.org/ws/2004/09/mex\" xmlns:wsa=\"http://www.w3.org/2005/08/addressing\" xmlns:wsid=\"http://schemas.xmlsoap.org/ws/2006/02/addressingidentity\" xmlns:wst=\"http://schemas.xmlsoap.org/ws/2005/02/trust\" xml:lang=\"en-us\"><ic:InformationCardReference><ic:CardId>card1</ic:CardId><ic:CardVersion>1</ic:CardVersion></ic:InformationCardReference><ic:Issuer>issuer</ic:Issuer><ic:TimeIssued>2006-09-28T12:58:26Z</ic:TimeIssued><ic:SupportedTokenTypeList><wst:TokenType>urn:oasis:names:tc:SAML:1.0:assertion</wst:TokenType></ic:SupportedTokenTypeList><ic:SupportedClaimTypeList><ic:SupportedClaimType Uri=\"uri\"><ic:DisplayTag>displayName</ic:DisplayTag><ic:Description>description</ic:Description></ic:SupportedClaimType></ic:SupportedClaimTypeList><ic07:RequireStrongRecipientIdentity xmlns:ic07=\"http://schemas.xmlsoap.org/ws/2007/01/identity\" /></ic:InformationCard></dsig:Object></dsig:Signature>";
	  InputStream inputStream = new ByteArrayInputStream(expectedSignature.getBytes());
	  boolean valid = Jsr105Signatur.validateSignature(inputStream);
    assertTrue(valid);
	}
	

	public void testValidCard() throws SerializationException, SigningException {
	  String validCardString = validCard.toXML();
    InputStream inputStream = new ByteArrayInputStream(validCardString.getBytes());
    boolean valid = Jsr105Signatur.validateSignature(inputStream);
    assertTrue(valid);
	}

}
